Summary: We only collect what we need to run LetCompliance. We never sell your data. You can delete your account and all data at any time. We use bank-level encryption and are fully GDPR compliant.
1. Who We Are
LetCompliance ("we", "us", "our") is a software service operated from the United Kingdom. Our registered address is available upon request at hello@letcompliance.co.uk. For the purposes of UK GDPR and the Data Protection Act 2018, we are the Data Controller of your personal information.
2. What Data We Collect
- Account information: your name, email address and password (stored as a hash — we never see your password).
- Profile information: your phone number (if you opt in to WhatsApp reminders).
- Property data: addresses, compliance certificate dates, financial figures you enter.
- Documents: files you upload (Gas Safety certificates, EICRs, EPCs, etc.) stored encrypted in Supabase Storage.
- Billing information: processed entirely by Stripe. We store only your Stripe customer ID — not card numbers.
- Usage data: pages visited, features used, browser type. Used only to improve the product.
- Cookies: session tokens for authentication. No advertising or tracking cookies.
3. How We Use Your Data
- To provide the LetCompliance service — compliance tracking, reminders and document storage.
- To send compliance reminders via email and/or WhatsApp (only if you opt in).
- To process payments and manage your subscription via Stripe.
- To communicate with you about your account, updates and security.
- To comply with legal obligations.
- We do not use your data for advertising, profiling, or sale to third parties.
4. Legal Basis for Processing
We process your data under the following legal bases as defined by UK GDPR:
- (a) Contract: to deliver the service you signed up for.
- (b) Consent: for WhatsApp reminders, which you can withdraw at any time in Settings.
- (c) Legitimate interests: to improve our product and prevent fraud.
- (d) Legal obligation: to comply with financial and data regulations.
5. Data Sharing
We share data only with the following service providers:
- Supabase (database and file storage) — UK/EU data residency available.
- Stripe (payment processing) — PCI-DSS Level 1 certified.
- Resend (email delivery) — used only to send compliance reminders you have requested.
- Twilio (WhatsApp notifications) — only if you opt in to WhatsApp reminders.
- Vercel (application hosting) — edge network infrastructure.
We do not share data with any other third parties without your explicit consent.
6. Data Retention
We retain your personal data for as long as your account is active. If you delete your account, all personal data — including property information, documents and compliance records — is permanently deleted within 30 days. Billing records are retained for 7 years as required by UK law.
7. Your Rights Under UK GDPR
- Right of access: request a copy of all data we hold about you.
- Right to rectification: correct inaccurate data.
- Right to erasure ("right to be forgotten"): delete your account and all associated data.
- Right to restrict processing: limit how we use your data.
- Right to data portability: receive your data in a machine-readable format.
- Right to object: object to processing based on legitimate interests.
- Right to withdraw consent: cancel WhatsApp reminders at any time in Settings.
To exercise any of these rights, email hello@letcompliance.co.uk. We will respond within 30 days.
8. Security
We implement industry-standard security measures:
- All data is encrypted at rest (AES-256) and in transit (TLS 1.3).
- Authentication is handled by Supabase Auth with bcrypt password hashing.
- Row Level Security (RLS) ensures no user can access another user's data.
- We conduct regular security reviews and apply updates promptly.
9. Cookies
LetCompliance uses only functional cookies required for authentication (session tokens). We do not use advertising cookies, tracking pixels, or third-party analytics cookies. You can delete cookies via your browser at any time, though this will log you out.
10. Changes to This Policy
We will notify you by email if we make material changes to this privacy policy. The "Last updated" date at the top of this page will always reflect the most recent version.
11. Contact & Complaints
For any privacy questions, contact us at hello@letcompliance.co.uk. If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.